class LoginoutController < ApplicationController
  skip_before_filter :require_login, :only => [:index, :login]
  
  def index
    if session[:current_user_id] != nil then
      redirect_to :controller => "welcome"
    end
  end
 
  def login
    if (params[:name] == "" || params[:password] == "") then
      render :text => "Name or password is empty."
      return
    end
    
    users = User.find(:all, :conditions => ["name=?", params[:name]])
    if users.length != 1 then
      render :text => "The user doesn't exist."
      return
    end
    
    user = users.first
    if user.password != params[:password] then
      render :text => "The password is wrong."
      return
    end
    
    session[:current_user_id] = user.id 
    session[:url] = SystemConfig.first.url
    render :text => ""
  end
  
  def logout
    session[:current_user_id] = nil
    session[:url] = nil
    redirect_to :controller => "loginout"
  end
end